Free Malware Removal Forum

Welcome to MalwareRemoval.com,What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

BigTolly,There are signs of commercial tracking software on this computer. This software uses techniques very similar to malware to perform its function.Because it is impossible for us to establish ownership of the computer whose log you have posted, we are also unable to establish whether any of the programs contained were installed with the owners permission. There may be legal ramifications about changes to this machine which we are not equipped or trained to deal with. Because of this, we will be unable to give directions to assist you with this computer.askey127

It has Authentium software on there which can provide things like a locator capability, among other things, in case it's stolen.We won't alter PCs that have that security software, even completely legitimate PCs, because we cannot tell whether we are inadvertently aiding in something improper.The software itself is not malicious, nor should it raise any alarm, if you put it there.Hardly any individual PC's have that software, but corporate network PC's sometimes do.

Apart from the 'Authentium software' that you mention, which I haven't installed and I have no idea how such software could get on this pc, is there anything else that could be causing the problems I am having?

As I said before, I built the pc myself from scratch from new components and installed a genuine retail version of Windows. Could this software be installed along with any other software in a package?

bigtolly,On that basis, of which I had no prior knowledge, I'll be glad to see if I can help.That's a first for me, but I will be looking for it from now on.----------------------------------------------------------Download and Install CCleaner

Double click on ccsetupXXX_slim.exe to start the installation of CCleaner. (XXX is the version number)

Click OK

Click Next

Click I agree

Click Next

Click Install

Once the installation has finished, click Finish

-----------------------------------------------------------Set Options in CCleaner and run Cleaning Scan.Open CCleaner if it's not already running.( Do not use the Registry block to clean anything with this program. It is for experts only and it is risky).

Select Cleaner Settings. Check Internet Explorer, Windows Explorer, and System so that all items are checked. In the Advanced section, have a check only on Old PreFetch Data.

Click on the Options block on the left. Select Advanced.Uncheck Only delete files in Windows Temp folders older than 48 hours.

Set Cookie Retention. Click on the Options block on the left, then choose Cookies.Under the Cookies to delete pane, highlight any cookies you would like to retain permanently (those companies or sites with which you regularly visit or do business), and click the right arrow > to move them to the Cookies to keep pane.

Run Cleaning Scan. Click on the Cleaner block on the left. Choose the Windows tab. Click the Run Cleaner button. This process could take a while. When CCleaner shows how much has been removed, cleaning is finished.

-----------------------------------------------------------Retrieve the Installed Programs List from CCleanerOpen CCleaner if it's not already running.In the Left Pane, click ToolsVerify that Uninstall is highlighted in color, or click on it.In the lower Right, click Save to Text File.Pull down the arrow at the top of the Save dialog and choose Desktop as the location.You can leave the filename as install.txtClick SaveExit CCleaner by clicking on the X button in the upper right of the CCleaner window.-----------------------------------------------------Using Internet Explorer, Please Do an Online Scan with Kaspersky WebScanner.Go here to run an online scanner from Kaspersky.

Click on "Kaspersky Online Scanner"

A new smaller window will pop up. Press on "Accept". After reading the contents.

Now Kaspersky will update the anti-virus database. Let it run.

Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.

Then click on "My Computer", and the scan will start.

Once finished, save the log to your Desktop as filename KAV.txt

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.

Please post the contents of CCleaner's install.txt and kav.txt. Both should be on your desktop.askey127

bigtolly,It's likely that some of the slowdown is caused by your Adobe Acrobat 5 trying to update itself.That program has a broken updater which hangs at bootup. It can phone home interminably and slow your PC to a crawl.After it finally boots up and you notice a slowdown, use Ctrl-Alt-Del to bring up task manager.Click on the Processes tab, and note the names of the process files which are using most of the CPU resources.

Download the latest version of Java Runtime Environment(JRE), and install it to your computer. It is the 4th one down on the page, called Java Runtime Environment (JRE) 6 Update 3Download it, choose save, and save it to your desktop.Then doubleclick it, and it will install the newest version of Java for you to use. -----------------------------------------------------------All these files should be deleted:Seems like Christmas Fun with Pooh is No Fun

A file called look.txt should appear on your Desktop. Please post the contents of this file. If it's empty, you got them all.-----------------------------------------------------------Post a New HiJackThis LogReboot your computer. Start HijackThis ). Click Do System Scan and Save a Log File. When the Scan is complete, select the whole log (Ctrl-A), copy and paste the log contents in a reply. askey127

Bogtolly,If you don't use Adobe Acrobat 5, then you can Uninstall it if you want.It's older but not the same as Adobe Reader 8.Having Adobe Reader 8 in place will take care of the vulnerability risk.

You need to get off imesh as your search assistant.Let's see if there is anything else.-----------------------------------------------------------Remove log items with HighjackThis. Start HijackThis. Click Do System Scan Only. When the Scan is complete, Check the following entries:(Some of these lines may be missing)R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix CheckedClick the "X" in the upper right corner of the HiJackThis window to close it.-----------------------------------------------------------Download Blacklight from here:http://www.f-secure.com/security_center/Under "Downloads", click on Blacklight and Save it to your DesktoporLink to it from the ftp site: ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exeand save it to your desktop from there.

Go to Start-->Run, copy in the following text, and press Enter:

"%userprofile%\desktop\fsbl.exe" /expert

Accept the license agreement. Click > scan, wait for it to fimish, then click Close

There will be a log on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers).Copy and paste the contents of this log into your next reply.----------------------------------------------------------Download Deckard's System Scanner (DSS) from here http://www.techsupportforum.com/sectools/Deckard/dss.exe and Save to your Desktop. (Note: You must be logged onto an account with administrator privileges).

Close all applications and windows.

Double-click on dss.exe to run it, and follow the prompts. OK what it wants to do.

When the scan is complete, two text files will openmain.txt<- this one will be maximizedextra.txt <- this one will be minimized( Default location for both files is C:\Deckard\SystemScanner\ )

Copy/Paste the contents of main.txt and extra.txt into your next post please.

So we are looking for the Blacklight log fsbl.xxxxxxxx.log and contents of the two logs from Deckards System scanner

Event Record #/Type8912 / WarningEvent Submitted/Written: 12/10/2007 03:29:05 PMEvent ID/Source: 36 / W32TimeEvent Description:The time service has not been able to synchronize the system timefor 49152 seconds because none of the time providers has been able toprovide a usable time stamp. The system clock is unsynchronized.

Glad we could be of assistance. This topic is now closed. If you wish it to be reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.Please do not contact us to reopen this topic if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.

Who is online

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.